48 matches found
Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
...
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
go-toolset security update
An update is available for module.delve, go-toolset, golang, delve, module.go-toolset, module.golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset...
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
Security Bulletin: IBM Instana Observability is vulnerable to Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
Summary A vulnerability that could cause unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip was remediated in IBM Observability with Instana Build 289 CVE-2024-24790. The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6...
Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to uspecified vulnerability in net/netip package in Golang Go CVE-2024-24790)
Summary A potential uspecified vulnerability in net/netip package in Golang Go CVE-2024-24790 has been identified that may affect IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTIO...
Important: Red Hat Security Advisory: ACS 4.5 enhancement update
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes a bug fix and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
RLSA-2024:8876 Moderate: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses CVE-2024-24790 For more details about the security issues, including the impact, a CVSS...
go-toolset:rhel8 security update
An update is available for module.go-toolset, go-toolset, delve, golang, module.golang, module.delve. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset...
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
ROS-20241028-02
The vulnerability of the net-netip component of Golang programming language is related to incorrect operation of Is methods IsPrivate, IsLoopback, etc. methods. Exploitation of the vulnerability can allow an intruder to bypass the existing access restriction policy...
Moderate: Red Hat Security Advisory: Run Once Duration Override Operator for Red Hat OpenShift 1.2.0 for RHEL 9
Run Once Duration Override Operator for Red Hat OpenShift 1.2.0 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
ROS-20240826-20
Vulnerability in archive-zip package of Golang programming language is related to incorrect processing of zip files. zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file Vulnerability of net/http and net/http2 libraries of Go programming language in...
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
Moderate: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...